Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Display System Log Files

Display a Log File from a Single-Chassis System

To display a log file stored on a single-chassis system, enter Junos OS CLI operational mode and issue either of the following commands:

By default, the commands display the file stored on the local Routing Engine. To display the file stored on a particular Routing Engine, prefix the file or pathname with the string re0 or re1 and a colon. The following examples both display the /var/log/messages file stored on the Routing Engine in slot 1:

For information about the fields in a log message, see Interpreting Messages Generated in Standard Format by a Junos OS Process or Library, Interpreting Messages Generated in Standard Format by Services on a PIC, and Interpreting Messages Generated in Structured-Data Format. For examples, see Log File Sample Content.

Log File Sample Content

This topic contains sample content from the /var/log directory. You can display the contents of the /var/log/messages file stored on the local Routing Engine. (The /var/log directory is the default location for log files, so you do not need to include it in the filename. The messages file is a commonly configured destination for system log messages.)

Note:

In Junos OS Evolved, the messages file is only written on the primary Routing Engine. Backup Routing Engine messages are found in the messages file on the primary Routing Engine.

You can display the contents of the file /var/log/processes, which has been previously configured to include messages from the daemon facility. When issuing the file show command, you must specify the full pathname of the file:

You can display the contents of the file /var/log/processes when the explicit-priority statement is included at the [edit system syslog file processes] hierarchy level:

Warning Message Support for Throughput Overuse:

The SRX4100 device supports up to 20 Gbps and 7 Mpps of Internet mix (IMIX) firewall performance. When IMIX throughput exceeds 20 Gbps and 7 Mpps on an SRX4100 device, new log messages are logged. These log messages remind you that there is throughput overuse. You can see the following sample log messages when you issue the show log messages command.

As a reminder of throughput overuse, every 15 minutes the system calculates how many minutes the throughout has exceeded 20 Gbps and 7 Mpps. The system triggers a log message if the throughput has exceeded more than 1 minute, 30 seconds (10%) of the last 15 minutes. For example, suppose you see the following log message:

It means your throughput has exceeded 20 Gbps and 7 Mpps for 5 minutes, 15 seconds of the last 15 minutes (35% of 15 minutes) that triggered the log message.

To turn off this log message, we recommend that you bring down the throughput level below 20 Gbps and 7 Mpps or install the enhanced performance upgrade license.

Note:

This feature requires a license. Please refer to the Juniper Licensing Guide for general information about License Management. Please refer to the product Data Sheets at SRX Series Services Gateways for details, or contact your Juniper Account Team or Juniper Partner.

Display a Log File from a Routing Matrix

One way to display a log file stored on the local Routing Engine of any of the individual platforms in a routing matrix (T640 routing nodes or TX Matrix platform) is to log in to a Routing Engine on the platform, enter Junos OS CLI operational mode, and issue the show log or file show command described in Displaying a Log File from a Single-Chassis System.

To display a log file stored on a T640 routing node during a terminal session on the TX Matrix platform, issue the show log or file show command and add a prefix that specifies the T640 routing node’s LCC index number as lccn, followed by a colon. The index can be from 0 (zero) through 3:

By default, the show log and file show commands display the specified log file stored on the primary Routing Engine on the T640 routing node. To display the log from a particular Routing Engine, prefix the file- or pathname with the string lccn-primary, lccn-re0, or lccn-re1, followed by a colon. The following examples all display the /var/log/messages file stored on the primary Routing Engine (in slot 0) on routing node LCC2:

If the T640 routing nodes are forwarding messages to the TX Matrix platform (as in the default configuration), another way to view messages generated on a T640 routing node during a terminal session on the TX Matrix platform is simply to display a local log file. However, the messages are intermixed with messages from other T640 routing nodes and the TX Matrix platform itself. For more information about message forwarding, see Impact of Different Local and Forwarded Severity Levels on System Log Messages on a TX Matrix Router.

For information about the fields in a log message, see Interpreting Messages Generated in Structured-Data Format, Interpreting Messages Generated in Standard Format by Services on a PIC, and Interpreting Messages Generated in Standard Format by a Junos OS Process or Library. For examples, see Log File Sample Content.

Display MD5 Log Files

Junos OS and Junos OS Evolved BGP supports authentication for protocol exchanges. When you configure TCP Message Digest 5 (MD5) authentication for BGP protocol on the neighboring routing devices to verify the authenticity of BGP packets, the following log warning messages stored in /var/log/messages/ are displayed:

On Junos OS,

When MD5 configured on local but not on peer device,

When MD5 configured on peer but not on local device,

When MD5 is configured on both the routers and there is authentication password mismatch, the following log is displayed:

On Junos OS Evolved,

When TCP MD5 authentication is configured on local but not on peer device, the log messages are not available.

When TCP MD5 authentication is configured on peer but not on local device, the log messages are not available.

When MD5 is configured on both the routers and there is authentication password mismatch, the following log is displayed: